Session(login) Problem

meln

Hi,

I have a script which has codes down. This script worked well in localhost and my own website. But when i tried it on other host i couldnt login in admin panel.

I'm using EasyPHP on local, has php 4.3.10
my own website has 4.4.8
and the other host has two options 4.4.7 and 5.2.5.

I tried both version and result is same. I couldnt manage to login in panel. When i remove

session_start();
ob_start();

i can login but the login form still appears above the panel and when i clicked a link i return to begining and it's needed to login again.

here is my codes.

index.php

<?

# Load Site Configs
include ("includes/inc_site_config.php");
# Load Sessions
session_start();
ob_start();
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title><?=$SITETITLE?></title>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
<META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
<link href="css/site.css" rel="stylesheet" type="text/css">
<? include ("inc_js.php"); ?>
</head>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" onload="xinha_init();" >
<table width="775" height="100%" border="0" align="center" cellpadding="0" cellspacing="0" class="border">
  <tr align="center"> 
    <td width="800" height="20" valign="top" bgcolor=#ffffff> <? include ("inc_top_menu.php"); ?> </td>
  </tr>
  <tr align="center" > 
    <td valign="middle" bgcolor=#ffffff> <? include ("middle_inc.php"); ?> </td>
  </tr>
  <tr> 
    <td height="20" align="center" valign="top" bgcolor=#ffffff> <? include ("inc_buttom_menu.php"); ?> </td>
  </tr>
</table>
</body>
</html>
<?
	mysql_close();
	ob_end_flush();
?>

middle_inc.php

<?
	// Ask password?
	If (!session_is_registered("id")) {
		include("askpassword.php");
	}

// Check password?
If (isset($_POST['login'])) {
	include("checkpassword.php");
}

// Logoff?
If (isset($_GET['logoff'])) {
	session_destroy();
	header("Location: index.php");
	exit();
}

// Main Page
If (session_is_registered("id")) {
	include("main.php");
}

?>

askpassword.php

<table width="94%" border="0" cellpadding="0" cellspacing="0">
  <FORM METHOD=POST ACTION="index.php">

  <tr>
    <td align="center" valign="middle"><table  border="0" cellpadding="0" cellspacing="0" class="editbox">
        <tr bgcolor="#FFFFFF"> 
          <td width="153" rowspan="6" align="left" valign="top"><img src="http://www.r10.net/images/img136.jpg"></td>
          <td class="text">&nbsp;</td>
          <td colspan="2" align="center" class="style2 style3"><div align="left"> .: Yönetim Paneli</div></td>
        </tr>       

		 <tr> 
          <td bgcolor="#FFFFFF" class="text">&nbsp;</td>
          <td bgcolor="#FFFFFF" class="text"></td>
          <td width="97" bgcolor="#FFFFFF" class="text"></td>
        </tr>
        <tr> 
          <td bgcolor="#FFFFFF" >&nbsp;</td>
          <td bgcolor="#FFFFFF" >Kullan&yacute;c&yacute; Ad&yacute;</td>
          <td width="97" bgcolor="#FFFFFF" class="text"><input name="kullanici_adi" type="text" size="15" class="cancel"></td>
        </tr>
        <tr> 
          <td width="4" align="left" bgcolor="#FFFFFF" class="text">&nbsp;</td>
          <td width="61" align="left" bgcolor="#FFFFFF" >&THORN;ifrer</td>
          <td width="97" bgcolor="#FFFFFF" class="text"><input name="parolasi" type="password" size="15" class="cancel"></td>
        </tr>
        <tr bgcolor="#FFFFFF"> 
          <td colspan="2">&nbsp;</td>
          <td class="text"><input name="login" type="submit" class="tus" value="Giri&thorn;"> 
            <input name="reset" type="reset" value="Sil" class="tus"></td>
        </tr>
        <tr bgcolor="#FFFFFF"> 
          <td height="42" class="text">&nbsp; </td>
          <td colspan="2" class="text">IP adresiniz kay&yacute;tlara al&yacute;nm&yacute;&thorn;t&yacute;r:<br>          

            <?=$_SERVER["REMOTE_ADDR"]?>)</td>
        </tr>
      </table></td>
  </tr>
  </FORM>
</table>

checkpassword.php

<?


	$kullanici_adi = removeUwChar($_POST['kullanici_adi']);
	$parolasi = removeUwChar($_POST['parolasi']);
	$sql = "select * from tbl_admin where active = 1 and username ='$kullanici_adi' and password='$parolasi'";
	$result = MYSQL_QUERY($sql) or die(mysql_error());
	while ($row=mysql_fetch_array($result))
	{
		$id=$row["id"];
		$adi = $row["name"];
		$soyadi = $row["lastname"];
	}
	If (mysql_num_rows($result) < 1):
			Session_Destroy();
			Header("Location: index.php?errmsg=1");
	Else:
			session_register("username");
			session_register("id");
			Header("Location: index.php".SID);
	EndIf;
?>

If you can help me i'll appreciate.

Thank you.

cam815

If your askpassword.php is being included, it looks like !session_is_registered("id") is returning true, bringing up your login page.

Have you tried this on a browser where you've never logged in? Does this only happen if you've logged in once? Are you completely destroying all session data when a user logs out?

If it is still showing up in a browser that's never logged in before then you must be calling session_register( "id" ) at some point BEFORE a user logs in.

meln

cam815;10886589 wrote:
If your askpassword.php is being included, it looks like !session_is_registered("id") is returning true, bringing up your login page.

Have you tried this on a browser where you've never logged in? Does this only happen if you've logged in once? Are you completely destroying all session data when a user logs out?

If it is still showing up in a browser that's never logged in before then you must be calling session_register( "id" ) at some point BEFORE a user logs in.

hi cam815,

i tried in 2 different browser and still got nothing. i think it's a stupid idea but i deleted ob_start(); line and i entered the panel. above menus form still appeared but after clicking a link it went away. i didnt get what's going on 🙁 i dont have enough knowledge about php. i'm seeking still.

thank you.